Tuesday, December 1, 1998

It’s the email, stupid!


By Victor Woodward

Throughout history, the installation of security measures has lagged significantly behind the discovery of a threat -- in other words, the barn door tends to get locked sometime after the horse has escaped.

This is partly due to the time it takes to identify a threat, develop a solution, and educate the market. It is also telling of our society's resistance to bad news. Not wanting to believe the worst, we continue as though the threat doesn't exist -- (i.e., "This isn't the kind of neighborhood where you have to lock the doors.") Unfortunately, it usually takes a major event to precipitate widespread adoption of protective measures.

"In this case, it was the Microsoft trial."

In this case, it was the Microsoft anti-trust trial. One of the more scary aspects of this case, for all of us, has been the way the Justice Department has been foraging through Microsoft's email archives. They are using any email that has been sent that could be interpreted as incriminating against them. This means, for example, that when an over-zealous 24 year old product manager sends a message saying "Let's squash AOL," even if that message would be completely disregarded by anyone with maturity at the company, it is now ammunition against Microsoft.

The problem for business owners now is that any email message sent by any employee, whether appropriate or misguided, whether public or private, may now be interpreted legally as the company's official corporate policy. Water cooler conversations (or at least their email equivalent) are now gospel.

Companies have found themselves with legal trouble due to the contents of their corporate email archives for some time now. But the fallout of the Microsoft anti-trust case is a trumpet heralding the importance of content security.

Perhaps more than any other case, the Microsoft trial has established an obvious connection between email and legal liability. The fallout of this is fear in the corporate sector -- because it is now clear that the contents of an email are actionable in a court of law. Who among us hasn't sent an email that, taken out of context, could be considered dubious?

People memorialize things in email, that they would never, EVER say on company letterhead. As coverage of the Microsoft trial has been quick to point out, the folks from Redmond have incriminated themselves vigorously with the comments they've made in email. So when I talk about "fallout," I guess I mean a much higher awareness level about the power of email to get companies in serious trouble.